朝鲜黑客加大针对加密货币的社会工程诈骗力度

据 Cointelegraph 报道，据报道，朝鲜黑客加强了旨在窃取加密货币的社会工程诈骗

North Korean hackers are reportedly ramping up their social engineering scams to steal cryptocurrencies, having infiltrated several large, multinational information technology companies, according to a new report by Cointelegraph.

据 Cointelegraph 的一份新报告称，朝鲜黑客正在加大社交工程诈骗力度，以窃取加密货币，并已渗透到多家大型跨国信息技术公司。

At the Cyberwarcon cybersecurity conference, researchers identified two North Korean hacker groups, "Sapphire Sleet" and "Ruby Sleet," as being central to these operations.

在 Cyber​​warcon 网络安全会议上，研究人员确定了两个朝鲜黑客组织“Sapphire Sleet”和“Ruby Sleet”是这些行动的核心。

Sapphire Sleet has been targeting individuals through fraudulent employment schemes, posing as legitimate recruiters to lure victims into interviews or job offers. During these interactions, the hackers infect the victims' computers with malware disguised as PDF files or malicious links.

Sapphire Sleet 一直通过欺诈性就业计划来针对个人，冒充合法的招聘人员来引诱受害者接受面试或提供工作机会。在这些交互过程中，黑客利用伪装成 PDF 文件或恶意链接的恶意软件感染受害者的计算机。

On the other hand, Ruby Sleet has managed to infiltrate aerospace and defense contractors in the United States, the United Kingdom, and South Korea, aiming to steal military secrets.

另一方面，Ruby Sleet 成功渗透到美国、英国和韩国的航空航天和国防承包商中，旨在窃取军事机密。

The report also highlights that North Korean IT workers are using fake identities, crafted through AI, social media, and voice-changing technologies, to infiltrate companies and execute recruitment scams.

该报告还强调，朝鲜 IT 员工正在使用通过人工智能、社交媒体和变声技术制作的虚假身份渗透到公司并实施招聘骗局。

The threat posed by North Korean hackers to the cryptocurrency industry is not new. Prior to the Cyberwarcon warning, hackers linked to the DPRK regime had already been targeting cryptocurrency firms using similar tactics.

朝鲜黑客对加密货币行业构成的威胁并不新鲜。在网络战警告之前，与朝鲜政权有关的黑客已经使用类似的策略瞄准加密货币公司。

In August, onchain investigator ZackXBT identified 21 developers, believed to be North Koreans, working on various crypto projects under fake identities.

8 月，链上调查员 ZackXBT 发现了 21 名开发人员，据信是朝鲜人，他们以虚假身份从事各种加密项目。

In September, the Federal Bureau of Investigation (FBI) issued a warning about North Korean hackers targeting crypto companies and decentralized finance projects with malware disguised as employment offers. Once users downloaded the malware or clicked on malicious links, their private keys were at risk of being stolen.

9 月，美国联邦调查局 (FBI) 发出警告，称朝鲜黑客利用伪装成就业机会的恶意软件瞄准加密货币公司和去中心化金融项目。一旦用户下载了恶意软件或点击了恶意链接，他们的私钥就有被盗的风险。

In October, concerns arose within the Cosmos ecosystem regarding its Liquid Staking Module, which was allegedly developed by North Korean developers. Jacob Gadikian, a Cosmos ecosystem developer, remarked that the individuals behind the LSM are among the world's most skilled and prolific crypto thieves.

10 月，Cosmos 生态系统内部对其 Liquid Stake 模块产生了担忧，据称该模块是由朝鲜开发商开发的。 Cosmos 生态系统开发人员 Jacob Gadikian 表示，LSM 背后的个人是世界上最熟练、最多产的加密货币窃贼之一。

This prompted several security audits of the Cosmos Liquid Staking Module due to fears of backdoors and other malicious code.

由于担心后门和其他恶意代码，这促使对 Cosmos Liquid Stake 模块进行了多次安全审计。

The ongoing threat from North Korean hackers underscores the need for heightened cybersecurity measures within the cryptocurrency and IT sectors.

来自朝鲜黑客的持续威胁凸显了加密货币和 IT 领域加强网络安全措施的必要性。